ProHoster > Ibhulogi > Ulawulo > Imifanekiso elungele imveliso yeek8s

Imifanekiso elungele imveliso yeek8s

Eli bali limalunga nendlela esisebenzisa ngayo izitya kwindawo yemveliso, ngakumbi iKubernetes. Inqaku lizinikele ekuqokeleleni iimethrikhi kunye nezigodo ezivela kwizikhongozeli, kunye nemifanekiso yokwakha.

Imifanekiso elungele imveliso yeek8s

Sisuka kwinkampani ye-fintech i-Exness, ephuhlisa iinkonzo zokurhweba kwi-intanethi kunye neemveliso ze-fintech ze-B2B kunye ne-B2C. I-R&D yethu inamaqela amaninzi awohlukeneyo, isebe lophuhliso linabasebenzi abayi-100+.

Simele iqela elijongene neqonga lokuba abaphuhlisi bethu baqokelele kwaye baqhube ikhowudi. Ngokukodwa, sinoxanduva lokuqokelela, ukugcina kunye nokuxela i-metrics, iilog, kunye neziganeko ezivela kwizicelo. Ngoku sisebenza malunga namawaka amathathu eekhonteyina ze-Docker kwindawo yemveliso, sigcina i-50 TB yokugcina idatha enkulu, kwaye sibonelela ngezisombululo zokwakha ezakhiwe malunga neziseko zethu ezisisiseko: iKubernetes, iRancher, kunye nababoneleli ngamafu abohlukeneyo oluntu. 

Inkuthazo yethu

Kutsha ntoni? Akukho mntu unokuphendula. Liphi iziko? Kunzima ukuqonda. Yatsha nini? Ungafumanisa, kodwa hayi ngoko nangoko. 

Imifanekiso elungele imveliso yeek8s

Kutheni le nto ezinye izitya zimile ngelixa ezinye ziwile? Sesiphi isikhongozeli ebesinetyala? Ngapha koko, umphandle wezikhongozeli ziyafana, kodwa ngaphakathi ngasinye sineNeo yayo.

Imifanekiso elungele imveliso yeek8s

Abaphuhlisi bethu ngamadoda afanelekileyo. Benza iinkonzo ezilungileyo ezizisa inzuzo kwinkampani. Kodwa kukho ukusilela xa izikhongozeli ezinezicelo zilahleka. Esinye isikhongozeli sisebenzisa i-CPU eninzi kakhulu, enye idla inethiwekhi, isithathu sisebenzisa imisebenzi ye-I / O, kwaye yesine ayicacanga ngokupheleleyo ukuba yenzani ngeesokethi. Yonke iyawa kwaye inqanawa iyatshona. 

Iiarhente

Ukuze siqonde okwenzekayo ngaphakathi, sagqiba kwelokuba sibeke iiarhente ngqo kwizikhongozeli.

Imifanekiso elungele imveliso yeek8s

Ezi arhente ziinkqubo ezithintelayo ezigcina izikhongozeli zikwimeko enje ukuba zingaqhekeki. Ii-arhente zibekwe emgangathweni, kwaye oku kuvumela indlela esemgangathweni yokusevisa izikhongozeli. 

Kwimeko yethu, ii-agent kufuneka zinikeze iilogi kwifomathi eqhelekileyo, ephawulweyo kunye ne-throttled. Kufuneka baphinde basibonelele ngeemetrics ezisemgangathweni ezandiswayo ngokwembono yesicelo seshishini.

Iiarhente zithetha izinto eziluncedo zokusebenza kunye nokugcinwa ezinokusebenza kwiinkqubo ezahlukeneyo zomculo ezixhasa imifanekiso eyahlukeneyo (iDebian, Alpine, Centos, njl.).

Ekugqibeleni, ii-agent kufuneka zixhase i-CI / CD elula ebandakanya iifayile zeDocker. Kungenjalo, inqanawa iya kuqhekeka, kuba izikhongozeli ziya kuqala ukuhanjiswa ngeendlela “ezigoso” iireyili.

Yakha inkqubo kunye nesixhobo somfanekiso ekujoliswe kuwo

Ukugcina yonke into isemgangathweni kwaye ilawuleke, uhlobo oluthile lwenkqubo yokwakha esemgangathweni kufuneka ilandelwe. Ke ngoko, sigqibe kwelokuba siqokelele izikhongozeli ngezikhongozeli - oku kukuphindaphinda.

Imifanekiso elungele imveliso yeek8s

Apha izikhongozeli zimelwe ngamagqabantshintshi aqinileyo. Kwangaxeshanye, bagqiba kwelokuba bafake izixhobo zokusasaza ukuze “ubomi bungabonakali bufana namaqunube.” Kutheni le nto yenziwe, siya kuchaza ngezantsi.
 
Isiphumo sisixhobo sokwakha-i-container-specific container echaza iinguqulelo ezithile zokusasaza kunye neenguqulelo ezithile zescript.

Siyisebenzisa njani? SineDocker Hub equlethe isikhongozeli. Siyibonisa ngaphakathi kwinkqubo yethu ukususa ukuxhomekeka kwangaphandle. Isiphumo sisikhongozeli esiphawulwe ngotyheli. Senza itemplate yokufaka zonke izabelo kunye nezikripthi esizidingayo kwisitya. Emva koko, sihlanganisa umfanekiso olungele ukusetyenziswa: abaphuhlisi babeka ikhowudi kunye nokuxhomekeka kwabo okukhethekileyo kuyo. 

Yintoni elungileyo ngale ndlela? 

  • Okokuqala, ulawulo olupheleleyo lwezixhobo zokwakha - isitya sokwakha, iskripthi kunye nokuhanjiswa kweenguqulelo. 
  • Okwesibini, sifezekise umgangatho: senza iitemplates, umfanekiso ophakathi kunye nolungele ukusetyenziswa ngendlela efanayo. 
  • Okwesithathu, izikhongozeli zisinika ukuphatheka. Namhlanje sisebenzisa i-Gitlab, kwaye ngomso siya kutshintshela kwi-TeamCity okanye kwi-Jenkins kwaye siya kukwazi ukuqhuba izitya zethu ngendlela efanayo. 
  • Okwesine, ukunciphisa ukuxhomekeka. Ayizange ifane into yokuba sibeke izixhobo zokuhambisa kwisikhongozeli, kuba oku kusivumela ukuba sikuphephe ukuzikhuphela kwi-Intanethi ngalo lonke ixesha. 
  • Okwesihlanu, isantya sokwakha sinyukile - ubukho beekopi zemifanekiso yendawo ikuvumela ukuba uphephe ukuchitha ixesha lokukhuphela, kuba kukho umfanekiso wendawo. 

Ngamanye amazwi, siphumelele inkqubo yokuhlanganisa elawulwayo neguquguqukayo. Sisebenzisa izixhobo ezifanayo ukwakha naziphi na izikhongozeli eziguqulelwe ngokupheleleyo. 

Isebenza njani inkqubo yethu yokwakha

Imifanekiso elungele imveliso yeek8s

Indibano iqaliswe ngomyalelo omnye, inkqubo iyenziwa emfanekisweni (igqanyiswe ngobomvu). Umphuhlisi unefayile yeDocker (ephawulwe ngomthubi), siyayinikezela, sisusa iinguqu ngamaxabiso. Kwaye endleleni songeza iiheader kunye neefooter - ezi ziiarhente zethu. 

Iheda yongeza unikezelo olusuka kwimifanekiso ehambelanayo. Kwaye i-footer ifakela iinkonzo zethu ngaphakathi, iqwalasela ukuqaliswa komsebenzi, ukugawulwa kwemithi kunye nezinye ii-arhente, indawo yokungena, njl. 

Imifanekiso elungele imveliso yeek8s

Sacinga ixesha elide ukuba sifake umphathi. Ekugqibeleni, sagqiba kwelokuba siyamdinga. Sakhetha iS6. Umphathi ubonelela ngolawulo lwesikhongozeli: ikuvumela ukuba uqhagamshele kuyo ukuba inkqubo ephambili iyantlitheka kwaye ibonelela ngolawulo lwezandla lwesingxobo ngaphandle kokuyiphinda. Iilogi kunye neemetrics ziinkqubo eziqhutywa ngaphakathi kwesikhongozeli. Kwakhona kufuneka zilawulwe ngandlel’ ithile, yaye oku sikwenza ngoncedo lomphathi. Ekugqibeleni, i-S6 inyamekela ukugcinwa kwendlu, ukulungiswa kwesignali kunye neminye imisebenzi.

Kuba sisebenzisa iindlela ezahlukeneyo zokucula, emva kokwakha kunye nokusebenza, isikhongozeli kufuneka siqonde ukuba sikuwuphi na okusingqongileyo kwaye senze ngokwemeko leyo. Umzekelo:
Oku kusivumela ukuba sakhe umfanekiso omnye kwaye siwuqhube kwiinkqubo ezahlukeneyo zeokhestra, kwaye iya kuqaliswa kuthathelwa ingqalelo iinkcukacha zale nkqubo yeokhestra.

 Imifanekiso elungele imveliso yeek8s

Kwisikhongozeli esifanayo sifumana imithi yenkqubo eyahlukeneyo eDocker naseKubernetes:

Imifanekiso elungele imveliso yeek8s

Umthwalo wentlawulo wenziwa phantsi kweliso le-S6. Nika ingqalelo kumqokeleli kunye nemisitho - ezi ziiarhente zethu ezinoxanduva lwelogi kunye neemetrics. UKubernetes akanazo, kodwa uDocker unazo. Ngoba? 

Ukuba sibheka ukucaciswa kwe "pod" (emva koko - i-Kubernetes pod), siya kubona ukuba i-container yeziganeko zenziwa kwi-pod, enesitya esahlukileyo somqokeleli esenza umsebenzi wokuqokelela i-metrics kunye nezigodo. Singasebenzisa amandla e-Kubernetes: ukuqhuba izikhongozeli kwi-pod enye, kwinkqubo enye kunye / okanye indawo yenethiwekhi. Ngokwenyani bazise iiarhente zakho kwaye wenze imisebenzi ethile. Kwaye ukuba isitya esifanayo siqalisiwe kwi-Docker, siya kufumana zonke izakhono ezifanayo njengemveliso, oko kukuthi, iya kukwazi ukuhambisa iilogi kunye neemetrics, ekubeni ii-arhente ziya kuqaliswa ngaphakathi. 

Iimethrikhi kunye neelog

Ukuhambisa i-metrics kunye neelog ngumsebenzi onzima. Kukho iinkalo ezininzi kwisigqibo sakhe.
Iziseko zophuhliso zenzelwe ukwenziwa komsebenzi, hayi ukuhanjiswa kweelog ngobuninzi. Oko kukuthi, le nkqubo kufuneka yenziwe ngeemfuno ezincinci zesikhongozeli. Sizama ukunceda abaphuhlisi bethu: "Fumana isikhongozeli se-Docker Hub, siqhube, kwaye sinokuzisa iinkuni." 

Inkalo yesibini kukukhawulela umthamo weelogi. Ukuba ukunyuka kumthamo welogi kwenzeka kwizikhongozeli ezininzi (isicelo sikhupha umkhondo we-stack kwi-loop), umthwalo kwi-CPU, iziteshi zonxibelelwano, kunye nenkqubo yokucubungula ilogi, kwaye oku kuchaphazela ukusebenza komninimzi njenge yonke kunye nezinye izitya kwinginginya, ngamanye amaxesha oku kukhokelela "ekuwa" komkhosi. 

Inkalo yesithathu kukuba kuyimfuneko ukuxhasa iindlela ezininzi zokuqokelela i-metrics kangangoko kunokwenzeka ngaphandle kwebhokisi. Ukusuka kwiifayile zokufunda kunye nokuvota kwePrometheus-endpoint ekusebenziseni iiprothokholi ezithile zesicelo.

Kwaye inkalo yokugqibela kukunciphisa ukusetyenziswa kobutyebi.

Sakhetha isisombululo esivulelekileyo sokuhamba esibizwa ngokuba yiTelegraf. Esi sisidibanisi sendalo yonke esixhasa ngaphezu kwe-140 iintlobo zeendlela zokufaka (ii-plugins zokufaka) kunye neentlobo ezingama-30 zeendlela eziphumayo (iiplagi zokuphuma). Siyigqibile kwaye ngoku siya kukuxelela indlela esiyisebenzisa ngayo usebenzisa iKubernetes njengomzekelo. 

Imifanekiso elungele imveliso yeek8s

Masithi umphuhlisi usasaza umsebenzi kwaye uKubernetes ufumana isicelo sokwenza ipod. Kweli nqanaba, isitya esibizwa ngokuba nguMqokeleli senziwe ngokuzenzekelayo kwipod nganye (sisebenzisa i-webhook yoguqulo). Umqokeleli yiarhente yethu. Ekuqaleni, esi sikhongozeli sizilungiselela ukuba sisebenze kunye nePrometheus kunye nenkqubo yokuqokelela log.

  • Ukwenza oku, isebenzisa i-pod annotations, kwaye kuxhomekeke kumxholo wayo, idala, ithi, isiphelo sePrometheus; 
  • Ngokusekwe kwinkcazo yepod kunye noseto lwesikhongozeli esithile, ithatha isigqibo sokuba ihambisa njani iilog.

Siqokelela iilogi nge-Docker API: abaphuhlisi bafuna nje ukuzibeka kwi-stdout okanye kwi-stderr, kwaye uMqokeleli uya kuyilungisa. Iilogi ziqokelelwa zibe ziziqwengana kunye nokulibaziseka okuthile ukuthintela ukugcwala komninimzi okunokwenzeka. 

Iimetriki ziqokelelwa kuzo zonke iimeko zomthwalo womsebenzi (iinkqubo) kwizikhongozeli. Yonke into iphawulwe: indawo yegama, phantsi, njalo njalo, kwaye emva koko iguqulelwe kwifomathi yePrometheus - kwaye ifumaneke ukuba iqokelelwe (ngaphandle kweelog). Sikwathumela iilog, iimetrics kunye nemisitho eKafka nangaphezulu:

  • Iilogi zifumaneka kwiGreylog (uhlalutyo olubonakalayo);
  • Iilogi, iimetriki, iziganeko zithunyelwa kwiClickhouse yokugcina ixesha elide.

Yonke into isebenza ngokufanayo kwi-AWS, kuphela sithatha indawo yeGreylog ngeKafka ngeCloudwatch. Sithumela izigodo apho, kwaye yonke into ijika ibe lula kakhulu: ikhawuleza icace ukuba yeyiphi na iqoqo kunye nesitya. Kuyafana nakwiGoogle Stackdriver. Oko kukuthi, iskimu sethu sisebenza kwisiseko kunye neKafka kunye nelifu. 

Ukuba asinayo i-Kubernetes ene-pods, iskimu sinzima ngakumbi, kodwa sisebenza kwimigaqo efanayo.

Imifanekiso elungele imveliso yeek8s

Iinkqubo ezifanayo zenziwa ngaphakathi kwisitya, zicwangciswe ngokusebenzisa i-S6. Zonke iinkqubo ezifanayo zisebenza ngaphakathi kwisikhongozeli esinye.

Ngenxa yoko,

Senze isisombululo esipheleleyo sokwakha kunye nokusungula imifanekiso, kunye neendlela zokuqokelela kunye nokuhambisa iilogi kunye neemetrics:

  • Siphuhlise indlela esemgangathweni yokuhlanganisa imifanekiso, kwaye ngokusekwe kuyo sakha iitemplates zeCI;
  • Iiarhente zokuqokelela idatha zizongezo zethu zeTelegraf. Sabavavanya kakuhle kwimveliso;
  • Sisebenzisa i-webhook yokuguqula ukuphumeza izikhongozeli ezinee-arhente kwiipod; 
  • Idityaniswe kwiKubernetes/Rancher ecosystem;
  • Singenza izikhongozeli ezifanayo kwiinkqubo ezahlukeneyo zeokhestra kwaye sifumane isiphumo esisilindeleyo;
  • Yenza uqwalaselo lolawulo lwesikhongozeli esiguqukayo. 

Omnye umbhali: Ilya Prudnikov

umthombo: www.habr.com

Yongeza izimvo